docs/content/admin/sso/PRO__saml.md
14 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -45,6 +45,20 @@ If no group with a matching name exists, DefectDojo will automatically create on
45
45
46
46
To activate group mapping, check the **Enable Group Mapping** checkbox at the bottom of the form.
47
47
48
+
## Cloud vs On-Premise Differences
49
+
50
+
DefectDojo Cloud does not have the same level of SAML customization as DefectDojo On-Prem. The only variables that can be set are through the UI. Here are some of the key differences:
51
+
52
+
| Capability | Cloud | On-Premise |
53
+
|---|---|---|
54
+
|**Username matching**| NameID only | NameID only (the `SAML_USE_NAME_ID_AS_USERNAME` env var applies to Open Source only, not Pro) |
55
+
|**SAML assertion encryption**| Not currently supported | Not currently supported |
56
+
|**SAML login logs**| Not available in the UI. Contact Support to request logs. | Available via application container logs (`docker logs dojo`) |
57
+
|**Configuration method**| Enterprise Settings UI only | Enterprise Settings UI, Django Admin, or Django Shell |
58
+
|**Environment variables**| Cannot be set by customers directly. Contact Support for changes. | Can be set via `dojo-compose-cli environment add`|
59
+
60
+
If you need to match users on an attribute other than NameID (such as `uid` or `email`), configure your Identity Provider to send the desired value as the NameID rather than adjusting DefectDojo settings.
61
+
48
62
## Additional Options
49
63
50
64
***Create Unknown User** — automatically create a new DefectDojo user if they are not found in the SAML response.
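Review bot: The "Username matching" and "SAML assertion encryption" rows of the new table give the same value for Cloud and On-Premise ("NameID only", "Not currently supported"), yet the section is introduced as "key differences", so a reader scanning for what actually differs has to read every cell to find out. Consider moving those two rows into a short list of limitations that apply to both deployments and keeping the table for the rows that differ (logs, configuration method, environment variables). The encryption row would also benefit from one sentence on what "Not currently supported" means for the Identity Provider setup, for example whether the IdP must be configured to send unencrypted assertions. The note about `SAML_USE_NAME_ID_AS_USERNAME` sits only in the On-Premise cell although it describes Open Source versus Pro, so it reads better as a sentence below the table. Since the closing paragraph tells admins to send `uid` or `email` as the NameID, and the "Create Unknown User" option right after this section creates accounts for unmatched users, it is worth stating there that the chosen NameID value should be unique and stable per user. Minor: the intro uses "On-Prem" while the heading and table use "On-Premise".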